Corporate Compliance In 2021, IRPC revised its Corporate Compliance due to two main factors: (1) the COVID-19 pandemic, and (2) the introduction of New Organization with Agile Human (NOAH), for management transformation to reduce operating costs in all aspects of the company’s operations. This involves full reviews of business model, operating model, procedures, processes, regulations, and introduction of modern technologies to enhance efficiency to achieve two goals: long-term cost reduction and more streamlined management structure and workforce that align with business strategies based on cost competitiveness. In order to consistently meet myriad international standards, IRPC provides oversight for compliance as well as encourages further development. In 2021, the company set goals, work plans and compliance oversight indicators for short- and longterms by focusing on the implementation of the operational supervision plan on compliance as follows: 1. Formulation of policies, procedures, handbook and guidelines relating to Personal Data Protection Act (PDPA) as follows: • Develop policy and personal data protection guidelines, Procedure Manual (PM) and Checklist relating to guidelines on handling of personal data, covering vulnerable work groups along with the development of PMs for relevant work units, and a Data Subject Right System that focuses on supporting the exercise of rights of the data subject quickly and efficiently. A Data Protection Officer was established and a PDPA Center established to run the system and handle matters relating personal data protection in compliance with the law. • Establish a Personal Data Protection Committee and appoint a PDPA Data Champion Team to ensure that each of the relevant work groups has one member who coordinator, monitor personal data protection activities and report progress status to the PDPA Center and the Data Protection Officer. This is to ensure required actions are achieved according to plans so that the management and the Board of Directors are informed on this matter. Personal data protection compliance calls for participation of personnel in all units of the organization to drive further development and systematic management making use of technology enhance efficiency. Awareness campaigns and training programs are provided by the company through on-line PDPA Corporate Training Program to ascertain those personnel whose jobs require them to protect personal data and relevant personnel are capable to perform their task correctly in compliance with the personal data protection law. • IRPC stepped up its preparedness in anticipation of the enforcement of the data protection law, with full cooperation from all units in the company, from the Board of Directors, the management and employees. The company has since achieved full compliance in personal data protection, and together with the Thailand Productivity Institute, IRPC is now sharing its success in this matter with other organizations. (Read more at https://www.ftpi.or.th/2021/69815) Board of Directors Nomination and Remuneration Committee Corporate Governance Committee Audit Committee Risk Management Committee GRC Integrated team Risk Management Committee Employee Duties, Responsibilities, and guidelines in an integrated GRC. 218 IRPC PUBLIC COMPANY LIMITED 56-1 ONE REPORT 2021
RkJQdWJsaXNoZXIy ODg4NTI=